Code to check the signature of the Google Play in-app server. Like i was trying here: https://www.b4x.com/android/forum/threads/google-play-in-app-signature-verification.55260/
But seems, local inside the app checking can be cheated also, and the main - i could not make working code, especially on Java.
PHP has ready functions to do all. Just it needs B4A working sample.